Cough Cough... Chrome... Chough...

Sips'@slrpnk.net · 2 years ago

Cough Cough... Chrome... Chough...

yeehaw@lemmy.ca · 2 years ago

At a minimum this meme maker has no idea how TLS, browsers, cookies, or DNS work.

SapphironZA@sh.itjust.works · 2 years ago

Um, if you use their DNS they do. Some ISPs force that in fact.

yeehaw@lemmy.ca · 2 years ago

Never had an ISP firewall my DNS. Not sure what country you live in, but it sounds like China at that rate.

SapphironZA@sh.itjust.works · 2 years ago

It’s usually ISP specific.

Some ISPs in the USA and Germany have been doing it. This is why DNS over HTTPs exists to bypass those blocks.

yeehaw@lemmy.ca · 2 years ago

I always thought they exist because privacy. Regular old DNS requests are not encrypted so even if you send a request to 9.9.9.9 your ISP can still see it.

Username@feddit.de · 2 years ago

How can the ISP force their dns? They can’t know where you got the destination ip from.

yeehaw@lemmy.ca · 2 years ago

They could technically just drop and traffic over port 53 that is not destined to their own DNS servers. But that’s china level shit. I’ve never seen an ISP control this in North America.

SapphironZA@sh.itjust.works · 2 years ago

They can also redirect that traffic to their own DNS servers, so you think you are using 3rd party DNS, when you are actually still using theirs. This became legal when the Trump administration got rid of net neutrality legislation.

OpenDNS has an article on how to test if your ISP is doing it. https://support.opendns.com/hc/en-us/articles/227988727-How-can-I-tell-if-my-ISP-Allows-Third-Party-DNS-Providers

Aganim@lemmy.world · 2 years ago

That is where DNS over TLS and DNS over HTTPS come in. 🙂

yeehaw@lemmy.ca · 2 years ago

Yes of course.

hatedbad@lemmy.sdf.org · 2 years ago

TLS doesn’t encrypt the host name of the urls you are visiting and DNS traffic is insanely easy to sniff even if you aren’t using your ISPs service.

yeehaw@lemmy.ca · 2 years ago

Yeah, my point exactly.